From 53abc9effcd32640d077dd334cb4b6f249135ec1 Mon Sep 17 00:00:00 2001 From: Nikita Skrynnik Date: Wed, 18 May 2022 21:28:43 +0700 Subject: [PATCH 1/2] add tls 1.2 Signed-off-by: Nikita Skrynnik --- main.go | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/main.go b/main.go index edd46aa..c536e8f 100644 --- a/main.go +++ b/main.go @@ -21,6 +21,7 @@ package main import ( "context" + "crypto/tls" "io/ioutil" "net" "net/url" @@ -164,6 +165,11 @@ func main() { } log.FromContext(ctx).Infof("SVID: %q", svid.ID) + tlsClientConfig := tlsconfig.MTLSClientConfig(source, source, tlsconfig.AuthorizeAny()) + tlsClientConfig.MinVersion = tls.VersionTLS12 + tlsServerConfig := tlsconfig.MTLSServerConfig(source, source, tlsconfig.AuthorizeAny()) + tlsServerConfig.MinVersion = tls.VersionTLS12 + // ******************************************************************************** log.FromContext(ctx).Infof("executing phase 3: creating icmp server ipam") // ******************************************************************************** @@ -203,7 +209,7 @@ func main() { grpc.Creds( grpcfd.TransportCredentials( credentials.NewTLS( - tlsconfig.MTLSServerConfig(source, source, tlsconfig.AuthorizeAny()), + tlsServerConfig, ), ), ), @@ -232,7 +238,7 @@ func main() { grpc.WithTransportCredentials( grpcfd.TransportCredentials( credentials.NewTLS( - tlsconfig.MTLSClientConfig(source, source, tlsconfig.AuthorizeAny()), + tlsClientConfig, ), ), ), From b181c18b783ba2f85192aa8751a74e70c10bb550 Mon Sep 17 00:00:00 2001 From: Nikita Skrynnik Date: Tue, 24 May 2022 00:53:10 +0700 Subject: [PATCH 2/2] fix generate Signed-off-by: Nikita Skrynnik --- internal/imports/gen.go | 4 +++- internal/imports/imports_linux.go | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/internal/imports/gen.go b/internal/imports/gen.go index 7b45ebf..7ae145a 100644 --- a/internal/imports/gen.go +++ b/internal/imports/gen.go @@ -1,5 +1,7 @@ // Copyright (c) 2021 Doc.ai and/or its affiliates. // +// Copyright (c) 2022 Cisco and/or its affiliates. +// // SPDX-License-Identifier: Apache-2.0 // // Licensed under the Apache License, Version 2.0 (the "License"); @@ -18,5 +20,5 @@ package imports //go:generate bash -c "rm -rf imports*.go" -//go:generate bash -c "cd $(mktemp -d) && GO111MODULE=on go get github.com/edwarnicke/imports-gen@v1.1.2" +//go:generate bash -c "cd $(mktemp -d) && GO111MODULE=on go install github.com/edwarnicke/imports-gen@v1.1.2" //go:generate bash -c "GOOS=linux ${GOPATH}/bin/imports-gen" diff --git a/internal/imports/imports_linux.go b/internal/imports/imports_linux.go index a6df27a..d2ed704 100644 --- a/internal/imports/imports_linux.go +++ b/internal/imports/imports_linux.go @@ -3,6 +3,7 @@ package imports import ( _ "context" + _ "crypto/tls" _ "github.com/antonfisher/nested-logrus-formatter" _ "github.com/edwarnicke/grpcfd" _ "github.com/edwarnicke/vpphelper"